feat: remove guest exec from blacklist in qemu-ga configuration

[venkatamutyala]

No description provided.

[Copilot]

Pull request overview

Updates the developer setup script to configure qemu-guest-agent so it does not blacklist any commands, aligning with the intent to allow guest agent execution features during development setup.

Changes:

• Create /etc/qemu during setup.
• Write /etc/qemu/qemu-ga.conf with an empty blacklist in the [general] section.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

This unconditionally overwrites /etc/qemu/qemu-ga.conf with an empty blacklist, which disables all qemu-ga command blacklisting (not just removing guest-exec) and may unintentionally broaden what the host can trigger via the guest agent. Consider updating the existing config to remove only guest-exec from the current blacklist value (preserving other entries), and only creating the file when it doesn't already exist (or backing up the existing file).

Suggested change

	printf '[general]\nblacklist =\n' | sudo tee /etc/qemu/qemu-ga.conf
	QEMU_GA_CONF="/etc/qemu/qemu-ga.conf"
	if sudo test -f "$QEMU_GA_CONF"; then
	sudo cp "$QEMU_GA_CONF" "${QEMU_GA_CONF}.bak"
	CURRENT_BLACKLIST=$(
	sudo awk -F= '/^[[:space:]]*blacklist[[:space:]]*=/{print $2; exit}' "$QEMU_GA_CONF" \
	| tr ',' '\n' \
	| sed 's/^[[:space:]]*//;s/[[:space:]]*$//' \
	| grep -vx 'guest-exec' \
	| paste -sd ',' -
	)
	if sudo grep -q '^[[:space:]]*blacklist[[:space:]]*=' "$QEMU_GA_CONF"; then
	sudo awk -v blacklist="$CURRENT_BLACKLIST" '
	/^[[:space:]]*blacklist[[:space:]]*=/ { print "blacklist = " blacklist; next }
	{ print }
	' "$QEMU_GA_CONF" | sudo tee "$QEMU_GA_CONF" > /dev/null
	else
	printf '\n[general]\nblacklist = %s\n' "$CURRENT_BLACKLIST" | sudo tee -a "$QEMU_GA_CONF" > /dev/null
	fi
	else
	printf '[general]\nblacklist =\n' | sudo tee "$QEMU_GA_CONF" > /dev/null
	fi